使用Matomo打造百万PV的网站访问统计系统
服务器配置
每月跟踪100万次或更少的页面浏览量
一台服务器足以同时承载数据库和应用程序服务器 ,应用服务器最低推荐配置:
4 CPU, 8 GB RAM, 250GB SSD .
- Nginx
- PHP 8.x
- MySQL 8+
php 推荐配置 vim /etc/php.ini
以下参数对号入座一下
memory_limit = 2G
max_execution_time = 0
log_errors = On
display_errors=Off
MySQL 推荐配置 vim /etc/my.cnf
通过将MySQL临时目录移动到tmpfs来提升性能
[mysqld]
tmpdir = /run/mysqld
重启服务
service mysqld restart
确认是否生效,登录mysql
# mysql
mysql> SHOW VARIABLES LIKE 'tmpdir';
+---------------+-------------+
| Variable_name | Value |
+---------------+-------------+
| tmpdir | /run/mysqld |
+---------------+-------------+
其他参数
;提高吞吐量
innodb_flush_log_at_trx_commit=2
;如果您每月跟踪的操作少于100万次
;您可以将下面的值降低到512M
max_allowed_packet = 1G
wait_timeout = 28800
Redis 推荐配置
安装php扩展
yum install php-pecl-redis -y
修改配置文件 config/config.ini.php
[Cache]
backend = chained
[ChainedCache]
backends[] = array
backends[] = redis
[RedisCache]
host = "127.0.0.1"
port = 6379
timeout = 0.0
password = ""
database = 14
; In case you are using queued tracking: Make sure to configure a different database! Otherwise queued requests will be flushed
Nginx 配置
新建配置文件 vim /etc/nginx/conf.d/matomo.conf
server {
listen [::]:80; # remove this if you don't want Matomo to be reachable from IPv6
listen 80;
server_name matomo.example.com;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
location / {
return 301 https://$host$request_uri;
}
}
server {
listen [::]:443 ssl http2; # remove this if you don't want Matomo to be reachable from IPv6
listen 443 ssl http2;
server_name matomo.example.com; # list all domains Matomo should be reachable from
access_log /var/log/nginx/matomo.access.log;
error_log /var/log/nginx/matomo.error.log;
## uncomment if you want to enable HSTS with 6 months cache
## ATTENTION: Be sure you know the implications of this change (you won't be able to disable HTTPS anymore)
#add_header Strict-Transport-Security max-age=15768000 always;
## replace with your SSL certificate
ssl_certificate /etc/letsencrypt/live/matomo.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/matomo.example.com/privkey.pem;
include ssl.conf; # if you want to support older browsers, please read through this file
add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL to the Matomo instance
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
root /var/www/matomo/; # replace with path to your matomo instance
index index.php;
## only allow accessing the following php files
location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php$ {
include snippets/fastcgi-php.conf; # if your Nginx setup doesn't come with a default fastcgi-php config, you can fetch it from https://github.com/nginx/nginx/blob/master/conf/fastcgi.conf
try_files $fastcgi_script_name =404; # protects against CVE-2019-11043. If this line is already included in your snippets/fastcgi-php.conf you can comment it here.
fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file
#fastcgi_pass 127.0.0.1:9000; # uncomment if you are using PHP via TCP sockets (e.g. Docker container)
}
## deny access to all other .php files
location ~* ^.+\.php$ {
deny all;
return 403;
}
## serve all other files normally
location / {
try_files $uri $uri/ =404;
}
## disable all access to the following directories
location ~ ^/(config|tmp|core|lang) {
deny all;
return 403; # replace with 404 to not show these directories exist
}
location ~ /\.ht {
deny all;
return 403;
}
location ~ js/container_.*_preview\.js$ {
expires off;
add_header Cache-Control 'private, no-cache, no-store';
}
location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2)$ {
allow all;
## Cache images,CSS,JS and webfonts for an hour
## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
expires 1h;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~ ^/(libs|vendor|plugins|misc|node_modules) {
deny all;
return 403;
}
## properly display textfiles in root directory
location ~/(.*\.md|LEGALNOTICE|LICENSE) {
default_type text/plain;
}
}
Matomo系统配置
创建新的配置文件: path/to/matomo/config/common.config.ini.php
; <?php exit; ?> DO NOT REMOVE THIS LINE
;
; This common.config.ini.php file is read right before config.ini.php
[General]
; Always use SSL and redirect http->https in Matomo
force_ssl = 1
; Do not allow users to trigger the Matomo archiving process.
; Ensures that no unexpected data processing triggers from UI or API.
enable_browser_archiving_triggering = 0
; Uncomment to make sure that API requests with
; a &segment= parameter will not trigger archiving
; browser_archiving_disabled_enforce = 1
;Uncomment to disable historical archive processing
;when a new plugin is installed and may try process historical data
;rearchive_reports_in_past_last_n_months =
;rearchive_reports_in_past_exclude_segments = 1
; Disable OPTIMIZE TABLE statement which can create dead-locks
; and prevent MySQL backups
enable_sql_optimize_queries = 0
; Enable Matomo application logging to both file and screen
[log]
log_writers[] = "file"
log_writers[] = "screen"
; Matomo logs (WARN, ERROR) are written in matomo/tmp/logs/matomo.log
logger_file_path = tmp/logs/matomo.log
[CustomReports]
custom_reports_max_execution_time = 2700
custom_reports_disabled_dimensions = "CoreHome.VisitLastActionDate"
安装 QueuedTracking 插件
后台插件市场安装
QueuedTracking插件设置
- Backend =
redis - Queue enabled
打勾 - 多少个请求做一次批处理 =
50
- Backend =
计划任务配置
* * * * * php /path/to/matomo/console queuedtracking:process --no-ansi >/dev/null 2>&1
报告自动归档 Auto-Archiving
后台要设置,在浏览器中查看报告时进行归档为否
计划任务配置
5 * * * * /usr/bin/php /path/to/matomo/console core:archive --url=http://example.org/matomo/ > /dev/null
参考:
本文由 systemofdown 创作,采用 知识共享署名 3.0 中国大陆许可协议 进行许可。 可自由转载、引用,但需署名作者且注明文章出处。
共收到 0 条回复
没有找到数据。